Ensurepass

QUESTION 51

A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network?

 

A.

VLAN

B.

Subnet

C.

VPN

D.

DMZ

 

Correct Answer: D

 

 

QUESTION 52

Which of the following was based on a previous X.500 s
pecification and allows either unencrypted authentication or encrypted authentication through the use of TLS?

 

A.

Kerberos

B.

TACACS+

C.

RADIUS

D.

LDAP

 

Correct Answer: D

 

 

QUESTION 53

The Quality Assurance team is testing a new third party developed application. The Quality team does not have any experience with the application. Which of the following is the team performing?

 

A.

Grey box testing

B.

Black box testing

C.

Penetration testing

D.

White box testing

 

Correct Answer: B

 

 

QUESTION 54

Which of the following has a storage root key?

 

A.

HSM

B.

EFS

C.

TPM

D.

TKIP

 

Correct Answer: C

 

 

QUESTION 55

A datacenter requires that staff be able to identify whether or not items have been removed from the facility. Which of the following controls will allow the organization to provide automated notification of item removal?

 

A.

CCTV

B.

Environmental monitoring

C.

RFID

D.

EMI shielding

 

Correct Answer: C

QUESTION 56

A malicious person gained access to a datacenter by ripping the proximity badge reader off the wall near the datacenter entrance. This caused the electronic locks on the datacenter door to release because the:

 

A.

badge reader was improperly installed.

B.

system was designed to fail open for life-safety.

C.

system was installed in a fail closed configuration.

D.

system used magnetic locks and the locks became demagnetized.

 

Correct Answer: B

 

 

QUESTION 57

The concept of rendering data passing between two points over an IP based network impervious to all but the most sophisticated advanced persistent threats is BEST categorized as which of the following?

 

A.

Stream ciphers

B.

Transport encryption

C.

Key escrow

D.

Block ciphers

 

Correct Answer: B

 

 

QUESTION 58

On Monday, all company employees report being unable to connect to the corporate wireless network, which uses 802.1x with PEAP. A technician verifies that no configuration changes were made to the wireless network and its supporting infrastructure, and that there are no outages. Which of the following is the MOST likely cause for this issue?

 

A.

Too many incorrect authentication attempts have caused users to be temporarily disabled.

B.

The DNS server is overwhelmed with connections and is unable to respond to queries.

C.

The company IDS detected a wireless attack and disabled the wireless network.

D.

The Remote Authentication Dial-In User Service server certificate has expired.

 

Correct Answer: D

 

 

QUESTION 59

Which of the following would BEST deter an attacker trying to brute force 4-digit PIN numbers to access an account at a bank teller machine?

 

A.

Account expiration settings

B.

Complexity of PIN

C.

Account lockout settings

D.

PIN history requirements

 

Correct Answer: C

 

 

 

QUESTION 60

An administrator discovers that many users have used their same passwords for years even though the network requires that the passwords be changed every six weeks. Which of the following, when used together, would BEST prevent users from reusing their existing password? (Select TWO).

 

A.

Length of password

B.

Password history

C.

Minimum password age

D.

Password expiration

E.

Password complexity

F.

Non-dictionary words

 

Correct Answer: BC

 

Free VCE & PDF File for CompTIA SY0-401 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.